[piano music]

Keeps rewriting itself to counter my commands.

This has something to do with computers.

Hack 'em all.

Hi, I'm Samy Kamkar.

[Narrator] Samy is the co-founder of OpenPath Security

and a computer hacker.

I'm back to talk about more hacking scenes

in TV shows and movies.

Breaking into a government system, The X-Files.

This has something to do with computers, the internet.

Actually the ARPANET.

You can access it through the internet.

I want to believe, but this clip isn't too realistic.

ARPANET is essentially what the internet came from.

DARPA, the U.S. government agency created ARPANET

and that bubbled into the internet

and became publicly available.

When the X-Files came out,

ARPANET was no longer in existence.

Isn't there something you could-

I mean how do you say it, hack into?

I'm sorry, I think this is the end of the line.

How you say, that's what she says.

She says, How you say, hack.

[Samy laughs]

How do you say it, hack into.

But How you say is what you say in other languages

when you don't know.

Right?

[computer beeps]

What did you do?

Oh, it's a government system,

I know a couple of logging out tricks with VMS version five.

If you're using a password that you know,

then I don't really consider that hacking.

[tense music]

[Woman] What is that?

It's an encrypted file.

[computer beeps]

Why would your three year old have an encrypted file

in a secret defense department database?

Can you decode it?

There's another issue here

in that they find a file that's encrypted,

that by itself is not too unrealistic.

They're showing the file in ASCII format.

Can you print it out for me?

But when you print it out,

that's going to be useless information.

And that's because many of the characters

that would be in an encrypted file

are not visible in an ASCII format.

So you end up with things like periods,

which may or may not be a period

or it could be a totally different character or byte.

So your ex-boyfriend is into computers.

I would totally say that.

Wait, your boyfriend's into computers?

I should meet him.

[Samy laughs]

Locking down a system, Jurassic Park.

[computer beeps]

[tense music]

[computer beeps]

Five, four.

[door hisses]

In this clip, it looks like Newman,

you know who I mean.

Newman!

Is kind of running around,

activating or deactivating certain types of locks.

But, at some point, someone else tries to run a command,

like access grid, and that causes an access denied.

But then he gets a series of messages.

So, this doesn't look too realistic,

just on the fact that he's getting access denied messages

without a password.

And he's also then getting a message in a loop,

which is just less likely to happen in a realistic scenario.

This reminds me of some of the clips

that we saw in the first technique critique

when we were seeing, really,

just a lot of pop-ups that would occur.

Stop the popups.

[Samy laughs]

And a lot of videos typically

that will hackers will put onto devices.

[cats meow]

That's not something we generally see in the real world.

[tense music]

It's a Unix system.

It's all the files of the whole park.

The girl gets to the computer and says,

It's a Unix system.

It doesn't look like a Unix system,

which is typically a terminal or a console window.

But it actually is Unix.

It tells you everything.

I gotta find the right file.

The 3D interface that she's using is a legitimate software

that a company called SGI made many years ago.

It's not something anyone actually uses.

It was really just about proof of concept

of using a 3D file system.

The reason no one would ever use it

is because it takes forever to navigate a 3D system

when you're just trying to find a file.

Hate this hacker crap!

Decrypting a file, The code.

I'm up in air in the video compression.

Can we fix that?

Maybe.

But, I would need to get online.

[keyboard clicks]

[tense music]

Here we see Jesse taking a corrupted video file.

And, for a moment

we see him start running a program called ffmpeg.

And, he essentially tries to remove corruption

from this video file.

And that's totally reasonable.

[keyboard clicks]

ffmpeg is meant for all sorts of modifications

or alterations to video images and audio.

So, for example, if you have something that's corrupt,

you could take all of the frames that are not corrupt,

extract them, and then reconstruct all of those frames

into a single video.

There was a part that was inaccurate

in where we saw the red, green, and blue channels

all visually come up.

While that would be possible to do,

ffmpeg, the tool itself is a terminal based tool.

So, it's all text-based despite operating on video image

and audio.

Can we fix that?

Maybe. But I would need to get online.

He asked to go online,

but if he already has that ffmpeg tool

downloaded to his machine,

there's actually no reason for him to go online.

So, who knows what he was actually doing?

Sometimes you do hear of hackers getting sentenced

not to use computers or be on the internet.

Unfortunately, that occurred to me

earlier in my life for several years.

I don't know if we want to go into it.

[Samy laughs]

Now I'm allowed to be on the internet.

[Samy laughs]

Hardware hacking, Firewall.

I need my daughter's MP3 player to use as a hard drive.

Here we see Jack Stanfield using his daughter's ipods

to store data while under duress in a kidnapping situation.

This is the scanner head and the fax machine.

Yeah.

And you'll capture the images of the account numbers

off the server screen and transfer them to this.

That's totally realistic.

If you think about an MP3, it's just a digital format

of audio.

And audio is really just an analog signal.

So, you can convert that into a digital format

and-

Just like you can convert any other data

into some digital format.

But, they're still just images,

what are you going to do with them?

Use an OCR program to convert it to data

that the computer can use.

He also mentions using OCR,

which is object character recognition.

So, if I were to take a screenshot of a bank account,

it's an image, there's not actually text in it,

even though I can read the text.

OCR software would then convert that

and extract all of the text from it

without me having to type it in manually.

10,000 songs, 10,000 account codes,

it doesn't know the difference.

The only thing he doesn't go over here

is how he converts the images from the scanner

into the MP3s.

You do need some conversion to occur.

So, that needs to be a computer or a microcontroller

or something.

Should work.

Hacking a smart fridge, Silicon Valley.

Hello my cofriend.

[fridge dings]

Hello?

[Fridge] Huh, suck it Jin-Yang.

Mm, ah huh.

Your attacking and destroying my refrigerator?

And you misspell my name.

Essentially, smart fridges themselves

are really just computers.

They're running some operating system,

maybe a stripped down version of Linux.

When I was able to brute force the backdoor password

to that chrome piece of shit in under 12 hours.

What Gilfoyle was saying

is that he was able to brute force the password.

All that means is

he went through millions and millions of passwords

trying to authenticate through some mechanism

that the refridge exposed.

Maybe it's connected to the WiFi network

and it has a port open that you can then connect to.

That is a possible scenario.

A back door is a way to log in or authenticate into a system

without going through the traditional mechanism.

So, maybe a website has a username and password field.

A backdoor would be a special URL

that you wouldn't need to enter any username or password

But I added a little visual flair.

[Fridge] Huh, suck it.

[tense music]

Hacking an ATM pin, Terminator 2: Judgment Day.

[Boy 1] Please insert your stolen card now.

[ATM revs]

[keyboard clicks]

They insert a device that looks like a credit card

tied to a computer with a ribbon cable.

And it looks to do some type of brute force of the pin code.

Go baby, go baby, go baby.

Right.

Yes!

Easy money.

Some of this could be possible.

The problem is the pin code has nothing to do

with the data on the credit card,

nor is it ever inserted within the credit card slot.

Those are two independent systems.

What they're doing here with the pin

just isn't talking to the right system.

So, they'd have to be plugged into something else

in order to even attempt an attack like this.

[Boy 2] Where did you learn this stuff from anyway?

From my mom.

Destroying a hard drive, The Core.

This is the FBI, we have a warrant.

[Man] Shit!

[electronic music]

[toaster hisses]

[microwave hums]

In this scene, the main character is trying to wipe,

delete, purge any data he can

from a number of different data storage types.

[electronic music]

He takes some pretty big magnets

and he goes over, what I assume are hard drives.

Which would work

for traditional spinning platter hard drives.

That would erase a lot of the data

as the data is kept in magnetic fields.

If I had to destroy something

like a traditional spinning hard drive,

then I probably would do something similar by using magnets.

But, ideally, I would also want to open it after the fact

and then crush it into bits.

The more small pieces you have,

the less data someone will be able to extract

and be able to put them together.

[electronic music]

[microwave hums]

[microwave dings]

He also throws some CDs or DVDs into a microwave.

The data there is actually stored within the polycarbonate.

So, if he had a sufficient time to melt it

he could make it disappear,

but it just depends on that amount of time.

[electronic music]

[Man] Purge.

He also deleted some data, just using software.

Now, a quick software delete, in the period of time he had,

which was only a few seconds.

While that appears to delete the files,

it actually doesn't delete the data.

All it does is tell your hard drive or your computer

that the data in this sector is now free.

In order to actually delete data from a drive

you actually need to overwrite that data.

And typically you want to overwrite it several times.

Then, for a safe measure,

hit it with a hammer a bunch of times.

I know these look like computers,

totally not.

Faraday cage, Enemy of the state.

[machine grinds]

This is where I work.

Completely secure.

Copper wire mesh keeps the radio signals out.

He says this copper wire cage or a faraday cage

keeps radio signals out.

Normally that is true.

When you have a conductive mesh or a metallic mesh,

the only thing that can penetrate that mesh

are wavelengths that are essentially smaller

than the mesh itself.

So, the holes themselves.

But, in this case,

there is a lot of radio frequency

that can fit in that wavelength.

So, really, even something like five gigahertz,

Wifi would be able to penetrate that mesh.

If the mesh were smaller,

then it would be able to block a lot more radio frequency.

Hate to see the chicken that lives in this coop.

Acoustic analysis, Eagle Eye.

[computer whines]

Sir, all the threats we've been tracking chatter all-

Hold it.

In this scene a couple of things are happening.

There is a voice over IP phones

that they ultimately disconnect

to prevent someone from snooping or enabling the microphones.

It shows that the camera is essentially able to read lips.

[camera beeps]

Really creative and absolutely doable with software today.

[camera beeps]

[Woman] Section 216 of the Patriot Act.

What they didn't expect, and, which is really creative,

is they're actually using acoustic analysis

to look at vibrations off the coffee cup that was there.

So, when you're speaking or when someone's speaking

they are moving air molecules

and that's going at a certain frequency

based off the frequency of their sound.

When that hits something like the drink,

you're actually able to convert that physical change

of that liquid back into audio.

Because, essentially, it's moving at the frequency of sound.

And if you can visually see that,

you can then convert that visual frequency

back into the frequency of sound and hear it.

So, it's actually a very creative, but it is doable.

Denial of service attack, Ralph Breaks the Internet.

[Malicious character] Scanning for insecurities.

Come on, don't leave me!

[Malicious character] Insecurity detected.

[creature fires]

In this clip, we see some sort of malicious system

that is finding this insecurity in Ralph.

And they're essentially duplicating Ralph

and duplicating this insecurity

which then takes over all sorts of websites, sops.

It starts interfering with people's web browsers.

The internet is under assault

as a massive denial of service attack

crashes servers across the web.

Denial of service

typically isn't going to do something manipulative

like alter your web browser or alter a video feed.

Instead, its goal is one simple thing

and that's to bring a system down.

While this is a pretty unrealistic

I think we can give Ralph a pass here,

just for his insecurity.

[girl yells]

Hijacking a TV channel, V for Vendetta.

[static hisses]

For god-

Dad, what's wrong with the tele?

Good evening London.

In this scene,

we see someone essentially taking over a TV station.

In this case, I don't consider this hacking,

because they essentially already have the capability,

they're in the station and they have the ability

to already override the video that's been playing right now.

What makes it a little less unlikely,

is that they're also taking over billboards.

And often those are coming off a separate feed

off some prerecorded video.

Granted, those could be based off of live video as well.

In Tim Burton's Batman,

we do see something similar

where a live newscast is taken over by the Joker.

Now, that is actually a lot more realistic

and is an actual hack

because often, live broadcasts are being aired over radio.

So, if someone can intercept,

and by intercept I just mean send a stronger signal,

and they can actually override that signal

if they can hit the receiver and take over that.

So, that is something that can happen

and has happened in the past.

He don't look happy.

He's been using Brand X.

Stock market hack, Who Am I?

[rock music]

In this clip they're on the roof

of what appears to be a stock exchange.

And they're somehow connecting to the network.

This, by itself, is going to be a little challenging

because there are many different networks

and just being on the roof

is typically not enough to jump on the network.

We do see them run something called bashbufferoverflow.sh

and some number.

And bufferoverflow is a common technique

to exploit various types of software

by overflowing their memory so much

that you get to a point in memory

that you can tell the processor where to run code,

and you can then point that back

to the original memory you overflowed

and that's now your code.

So, it's a way to take over a computer

just by inputting some data.

What they're demonstrating

is that they were able to connect to

and then run their own code

and run their own instructions.

[rock music]

[speaking in foreign language]

We're also seeing, essentially, video of a graph.

And that chart is probably going to be extracted

from some other locations,

maybe from a website or from some other feed.

So, it might be possible,

but it's going to be challenging to do this.

[rock music]

[All] Yeah!

Autonomous vehicle exploitation, Fate of the Furious.

There's over a thousand of them.

Hack 'em all.

[computer squeaks]

[engine starts]

[tires squeal]

In this clip we see a bunch of cars

getting hacked and taken over.

Some of this could be possible.

And there's a pretty incredible demonstration

of this type of attack

where they were able to take a Jeep

that was driving on the road

with someone from Wired inside.

And they were able to take that car over.

They first started just controlling the windshield wipers,

adjusting the radio,

and then actually started messing

with the controls of the vehicle, like the throttle.

And that's because some vehicles

do have these components computerized.

However, what they're showing here

where they're just arbitrarily choosing cars to take over

is really unlikely because it's a lot of effort

and it's typically a targeted attack.

You have to really know the vehicle

that you are trying to get to first.

[speaking in foreign language]

[cars crunch]

Ouch.

You see a bunch of cars

that are actually parked and they start driving.

Well, that's not going to happen

if you have something like an e-brake.

As far as I know today

there aren't many vehicles with a computerized e-brake.

So, we're just seeing way too many vehicles

doing way too many things

they simply don't have the capability to.

I'd buckle up if I were you.

Credential hack, Mission: Impossible - Ghost Protocol.

[machine whines]

[machine beeps]

In this scene we see Ethan Hunt

going into a government building.

He reveals his credentials

and the person working behind the desk

starts scanning the credentials.

[speaking in foreign language]

He looks at kind of what percentage of this hacking

is being done.

This seems pretty unlikely for a couple of reasons.

For one, when you're talking about a credential

or authorization system,

it's likely not going to be on some wireless network.

Even if you do have a wireless network

in a government building,

it's again, likely not tied to a security checkpoint.

Another problem here is

that we see a percentage of completion.

You almost never have percentages

when you're talking about hacking.

Either you have found a mechanism to get in or you haven't.

So, the loading bar in hacking scenes

is usually not very accurate.

Love your disguise by the way.

Max booth, Mr. Robot.

[funk music]

Thanks doll.

In this scene, we see Darlene

take a little magnetic read head

and take a hotel card and scan it.

And then store it into the device called MagSpoof.

And then she goes up to the hotel room

and she essentially hits play,

which either replays that

or it brute forces the code and that unlocks the door.

And that is something that can absolutely occur.

MagSpoof is a device I personally created

and it's designed to essentially perform penetration testing

around different types of mag stripes,

primarily around credit cards.

The device itself is an electromagnet.

And what all that means is

it's able to create a magnetic field,

both in North and South.

The writers of Mr. Robot were really creative here

and asked if this were possible

on hotel mag stripes, and it's entirely possible.

And they actually came up with the idea

of taking that same device and using it here in a hotel

to brute force through various numeric codes for a room

just by having somebody else's room card.

And that's a totally feasible scenario.

Hacking at an Apple store,

Captain America: The Winter Soldier.

[computer beeps]

[Woman] Now, it's trying to hide something.

Can I help you guys with anything?

Oh no, my fiance was just helping me

with some honeymoon destinations.

It seems that, really, what they're trying to do

is just hide who they are and what they're doing.

So, they're going to an Apple store

so they can take the IP address

of the Apple store rather than doing it safe

from their home or office or Captain America network.

How much time do we have?

Uh, about nine minutes from

now.

Generally, you wouldn't want to do it in an Apple store.

For one, they're going to have a lot of cameras.

So, all they have to do is correlate the time,

the computer and then look at the video feed

and they might be able to capture who was there.

Well, maybe we can find out where it came from.

There was an art prank done,

many years ago at an Apple store in New York.

The creator, Kyle,

ended up getting the secret service sent to his house.

So, you probably don't want to try this.

Congratulations, where you guys thinking about going?

New Jersey.

[Man] Huh.

If you did want to actually perform attacks

and hide your IP address,

it would make more sense to have some sort of device,

say a Raspberry Pi computer connected to a solar panel,

throw it on top of a store and then connect to that.

So, that is now connecting to the free wifi

of somewhere nearby.

And now, you're sort of proxied, there's no video of you,

you're not at the store,

but you're taking advantage of their IP address.

And now it's going to be much harder to link back to you.

Person who developed this is slightly smarter than me,

slightly.

A phishing attack, Oceans Eight.

[computer dings]

[mouse clicks]

[man gasps]

Rihanna, or Nine Ball, is trying to phish somebody.

She's constructing an email or message.

It has some link that the person clicks

and then that person had their camera engaged,

and the video feed went back to Nine Ball.

That is pretty unlikely.

In order to actually enable somebody's web camera,

you need to get code to execute on their computer.

That's usually very difficult.

When you employ those attacks, and they get executed,

they're going to be discovered pretty quickly,

if you start using it.

And it's going to be patched pretty quickly.

So, it's not to say it's not possible.

It's just that, once you start using these types of attacks,

you're essentially burning them.

Otherwise a phishing attack by itself,

getting someone to click something,

or visit a malicious link, that is pretty easy to do.

And that happens honestly, every day.

You poor thing.

Discovering a worm, Hackers.

[rock music]

[paper rustles]

[Man] It isn't a virus, it's a worm.

Here we see Zero Cool doing some sort of investigation.

We do see a lot of algebraic formulas, unfortunately.

Which have really nothing to do with what he's doing.

Granted, if you're programming,

you will be writing a lot of algorithms,

but you're never doing it in,

let's say the algebraic format that they're showing.

[Man] It isn't a virus, it's a worm.

The worm eats a few cents from each transaction.

And when the worm's ready,

it zips out with the money and erases it's tracks.

He says this is a worm and not a virus.

And that seems true.

Essentially, we think of a virus as some piece of software

or malware that requires some action by a user

in order for it to execute.

Where, a worm is more likely something

that requires little to no action in order to proliferate.

By this point,

it's already running at twice the speed as when it started.

When I was younger,

I did accidentally release a worm on a site

popular many years ago called Myspace.

All it did was,

someone would visit my profile,

without knowing it, they would add me as a friend

and the code would copy to their profile.

That means when someone visits their profile,

the code would copy to their profile.

Within about 24 hours over a million people were infected.

It said, Samy is my hero on all these profiles

and Myspace had to shut down in order to remove this worm.

Unfortunately for me,

I couldn't touch a computer for several years.

I wasn't allowed on the internet

until I went back to a judge.

Now we're here.

[Samy laughs]

Crash 1,507 systems in one day?

Aptitude test, Snowden.

We're going to start with an aptitude test.

[electronic music]

The average test time is five hours.

If you take more than eight, you will fail.

I don't know whether aptitude tests like this

happen in government, I can only assume they do.

I know with a lot of companies,

you will go through some types of tests.

You will be on the spot.

You will be given a computer

or you'll be given a whiteboard.

And they'll say, Okay, do X.

You know, Write some software to perform this.

So, there are realistic tests like this.

[electronic music]

It's actually interesting

because they're running legitimate commands.

We see nmap run a few times.

We see tar, an archiving utility used to compress some data

and then extract that data.

A lot of this was extremely realistic.

I'm really just nitpicking,

but a couple of those commands had a verbose flag enabled,

which should have output a lot more data,

but they did not output any data.

But, otherwise it seemed like a reasonable clip.

Eyes on screens.

[Man] We don't have enough card space

to do all the other clips.

Does anyone have an ipods?

[men laugh]

[bell dings]

[Narrator] Conclusion.

Hacking itself

is not always the most glamorous to look at.

However, we are seeing more and more hardware type hacking

where people are taking physical devices

and moving hacking into the real world.

[gentle music]

And that by itself, I think, looks more interesting.

[Man] And that's a wrap.

[group applauds]

All right, guys, from the top.

[men laugh]